On Jan. 26, $534 mln worth of NEM coins were stolen by hackers in a number of transaction from the address. The funds belonged to customers of the exchange, which were stored in an online ‘hot’ wallet.

According to Coincheck officials, the private key was stolen, which allowed a total of 523 mln NEM coins to be transferred from the wallet. Questions were quickly raised about the security measures taken by the Japanese exchange to store cryptocurrencies.

It has been a helter-skelter two weeks for Coincheck – as it worked to both trace the stolen NEM coins while working out a plan to refund 260,000 users affected by the hack.

The timeline of events tells the story, but there’s been far more at play in the wake of the massive hack.

Saturday Jan. 27- NEM development team rules out hard fork, create automated tagging system to identify and flag all stolen NEM coins in circulation.

Tuesday Jan. 30 – NEM Foundation vice president Jeff McDonald announces that hackers are moving stolen NEM coins to various addresses 100 NEM at a time – while confirming no coins had been sold at exchanges.

Friday Feb. 2 – FSA visits Coincheck’s offices for a site inspection following the hack.

Friday Feb. 2 – FSA order Coincheck to submit a report on the incident and a systems improvement proposal by Feb. 13.

Friday Feb. 9 – Coincheck announces some users will be able to make Japanese Yen withdrawals for the first time since transaction freeze on Feb. 13.

Hackers bamboozled

Once Coincheck realized that the NEM tokens had been stolen they quickly halted all deposits and withdrawals on the exchange. After reporting the incident to authorities, the exchange moved into damage control.

In what could be described as a lucky break, a complete hard fork was ruled out after the hack due to the nature of the theft. Because the NEM coins were stolen due to poor securities measures and not a Blockchain flaw, the developers looked for a different solution.

Once the hackers started moving the stolen funds a few days later, 100 NEM at a time to different addresses, Coincheck was able to track the coins. Because of the trace of funds, hackers didn’t even try to sell the flagged NEM coins.

The move effectively renders the stolen coins useless, as they will be flagged if users try to cash out on exchanges for fiat or other cryptocurrencies.

Despite show of good faith, some users file lawsuit

The day after the hack, Coincheck vowed to refund every user affected by the hack out of its own capital. The exchange ruled out declaring bankruptcy, citing its efforts to be fully recognized by the FSA as a registered Cryptocurrency Exchange Provider.

Early on Tuesday, Feb. 13 the Nikkei confirmed that some users were being allowed to make Yen withdrawals for the first time since the hack two weeks ago. There are reports that investors want to make withdrawals worth 30 bln worth of Yen.

Meanwhile, Reuters also reported that 10 investors intend to file a lawsuit against Coincheck later this week – as they look to consolidate losses after the hack.

Use of hot wallet slammed

In the wake of the hack, Coincheck was slammed for storing NEM coins in a ‘hot wallet,’ which is an online wallet. Cryptocurrency good practice almost dictates that large sums of cryptocurrency be stored in a ‘cold’ storage, hardware wallet.

With access to the private key of the wallet, hackers simply moved funds from the Coincheck wallet containing users NEM coins.

Report submitted to FSA

All of these details were of big concern for the FSA, which visited Coincheck’s offices on Friday, Feb. 2. There were conflicting reports by various media outlets, some of which calling the visit a ‘raid.’

Nevertheless, the Japanese authority ordered Coincheck to submit a full report on the incident, including a review of security measures in the lead up to the hack, and what would be done to improve said security to prevent similar incidents taking place in future.

Reuters reported that Coincheck has submitted its report to the FSA this morning.